package com.feonix.common.permission;

import java.util.Set;

import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

import com.feonix.common.listener.UserSessionInfo;
import com.feonix.common.util.StringUtil;
import com.feonix.support.CurrentUser;

public class SimplePermissionAdapter extends AbsPermissionAdapter {

	private static final Log logger = LogFactory.getLog(SimplePermissionAdapter.class);

	/**
	 * 检查是否有权限
	 */
	@Override
	public boolean checkController(PermissionStructure permissionStructure) {
		boolean isCheck = false;

		CurrentUser currentUser = UserSessionInfo.getCurrentUser();
		if (currentUser == null) {
			return isCheck;
		}
		return hasRight(permissionStructure);
	}

	/**
	 * 检查url 是否有权限
	 */
	public boolean checkControllerWithURL(PermissionStructure permissionStructure, String url) {
		return true;
	}

	/**
	 * jsp标签检查是否有权限
	 */
	public boolean checkTag(PermissionStructure permissionStructure) {
		return hasRight(permissionStructure);
	}

	/**
	 * 检查是否有权限
	 * 
	 * @param permissionStructure
	 * @return
	 */
	public boolean hasRight(PermissionStructure permissionStructure) {
		return hasRight(permissionStructure.getModuleId(), permissionStructure.getFunctionId(),
				permissionStructure.getAllowedAdmin(), permissionStructure.getAllowedGroup());
	}

	/**
	 * 检查是否有权限
	 * 
	 * @param module
	 * @param function
	 * @param allowedAdmin
	 * @param allowedGrop
	 * @return
	 */
	public boolean hasRight(String module, String function, Boolean allowedAdmin, Boolean allowedGrop) {
		PermissionKey permissionKey = organizePermissionKey(module, function, allowedAdmin, allowedGrop);
		CurrentUser currentUser = UserSessionInfo.getCurrentUser();
		return checkRight(currentUser, permissionKey);
	}

	/**
	 * 判断权限是否存在
	 * 
	 * @param currentUser
	 * @param permissionKey
	 * @return
	 */
	private boolean checkRight(CurrentUser currentUser, PermissionKey permissionKey) {
		boolean bool = false;
		if ((permissionKey.getAllowedAdmin() == null) && (permissionKey.getAllowedGroup() == null)
				&& (StringUtil.isEmpty(permissionKey.getToken()))) {
			bool = true;
		} else if (currentUser != null) {
			if ((permissionKey.getAllowedAdmin() != null) && (currentUser.isSysAdmin())
					&& (permissionKey.getAllowedAdmin().booleanValue())) {
				bool = true;
			} else if ((permissionKey.getAllowedGroup() != null) && (currentUser.isGroupAdmin())
					&& (permissionKey.getAllowedGroup().booleanValue())) {
				bool = true;
			} else if (StringUtil.isNotEmpty(permissionKey.getToken())) {
				Set<String> permissionSet = currentUser.getPermissions();
				if ((CollectionUtils.isNotEmpty(permissionSet)) && (permissionSet.contains(permissionKey.getToken()))) {
					bool = true;
				}
			}

			logger.debug("need permissionKey:" + permissionKey.getToken() + ", allowedAdmin:"
					+ permissionKey.getAllowedAdmin() + ", allowedGroupAdmin:" + permissionKey.getAllowedGroup()
					+ "; user:" + currentUser.getLoginName() + ", isAdmin:" + currentUser.isSysAdmin()
					+ ", isGroupAdmin:" + currentUser.isGroupAdmin() + ", has right:" + bool);
		}
		return bool;
	}

	/**
	 * 组织权限标识
	 * 
	 * @param module
	 * @param function
	 * @param allowedAdmin
	 * @param allowedGroup
	 * @return
	 */
	public PermissionKey organizePermissionKey(String module, String function, Boolean allowedAdmin,
			Boolean allowedGroup) {
		return PermissionUtil.organizePermissionKey(module, function, null, allowedAdmin, allowedGroup);
	}

}
